If you have any questions or comments regarding the information in the local service standard, please contact your supervisor.
- To establish standards for handling information
Compliance with this policy is required by all Continuing Education Centre for Emergency Services’ (CECES) employees, members, volunteers and other persons acting on behalf of CECES (including contracted service providers as necessary). This local service standard does not limit any legal rights to which you may otherwise be entitled.
LOCAL SERVICE STANDARD
- Customer and Client represent those who purchase goods and services from CECES or are donors
- Members are individuals who hold the status of Member within CECES as per the bylaws
- Volunteers are individuals who volunteer their services to CECES
- The Privacy Authority is a person who holds accountability over all privacy matters. The Privacy Authority is the Chairman of the Board unless otherwise delegated by the Chairman.
- Person information includes any factual or subjective information, recorded or not, about an identifiable individual, such as:
- Age, name, ID numbers, income, ethnic origin or blood type
- Opinions, evaluations, comments, social status, or disciplinary actions; and
- Employee files, credit records, loan records, medical records, the existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs). (A guide for businesses and organizations – privacy toolkit, 2015).
- This policy does not apply in the following circumstances:
- Business contact information, including an employee’s name, title, business address, telephone number, facsimile number, or email address which CECES collects, uses, or discloses, solely for the purpose of communicating with a person about their employment, business, or profession.
- CECES’ collection, use, or disclosure of personal information solely for journalistic, artistic, or literary purposes.
- Dismissal and Investigation
- All members of the organization are required to report offenses to a director of the organization. Failure to do so may result in disciplinary action by human resources policies.
- Any director that is informed of a potential offense must notify the Chairman or Vice-Chairman of the Board of Directors. The Vice-Chairman will be contacted and not the Chairman in the event of possible involvement of the Chairman in the offense.
- The Chairman or Vice-Chairman will investigate the matter or may delegate an investigation. The findings and a recommendation shall be raised at the next meeting of the board. The board may apply disciplinary penalties towards members, up to and including dismissal from the organization, by Human Resources Policy.
- Offences include:
- Destruction of personal information that an individual has requested.
- Retaliation against an employee, member or volunteer who has complained to the Privacy Commissioner of Canada, or who refuses to contravene Sections 5 to 10 of the Privacy Act.
- Obstruct a complain investigation or audit by the Privacy Commissioner or his or her delegate.
- The Chairman of the Board is responsible for intervening on privacy issues relation to the organization’s operation. The Chairman may delegate this authority to a member of the organization.
- The authority will:
- Be responsible for privacy issues communicated internally to the organization and its members and publicly on the organization’s website.
- Be accountable for analyzing and documenting personal information handling practices to ensure they meet fair information practices.
- Develop, document, and implement policies and procedures to protect personal information.
- Regularly assess CECES’ privacy management program and address shortcomings.
- Make information available explaining privacy policies and procedures to members and customers of the organization.
- Identifying the Purpose
- CECES will identify the reason for collecting personal information before, or at the time of, collection. The explanation for the need of this information will be provided and how it will be used.
- Should there be any new purpose for the information, consent must be received from the individual before using it.
- Obtaining Valid, Informed Consent
- CECES will obtain informed consent from the individual whose personal information is collected, used, or disclosed.
- Products and services will not be denied to any person who fails to consent to the collection of information, utilization, and disclosure, of information beyond that is required to fulfill a specified and legitimate purpose.
- Disclosure of personal information may occur without consent by the Privacy Act.
- Limiting Use
- Personal information will be kept only as long as necessary to satisfy the disclosed purposes.
- Personal information may be held for up to a seven-year period for the purpose of redress of decisions and actions made by the organization. This periods begins following a member, volunteer, or employee’s termination or resignation. For customers, the period begins upon the cessation of relevant services. This time frame may be extended in adherence to other policies or legislation.
- CECES will destroy, erase, or render anonymous, information that is no longer required for an identified purpose or legal requirement. Paper items will be shredded.
- Personal information will not be sold, given, or rented, to third parties without the consent of the individual unless special circumstances are met through the Privacy Act.
- Business proceedings may be made public by the corporation and include members of the proceedings and records of what was said.
- Accuracy of Information
- Personal Information that will be used frequently will be routinely assessed for accuracy provided the information be used in the interest of the member. This information may include next of kin information and other safety focused information.
- Personal information will be kept locked in a cabinet when not in use. The Secretary is responsible for holding this information. The Secretary will implement a file tracking system and will be accountable to the location of all physical personal information.
- The IT & Support Manager is responsible for ensuring digital information is secured through reasonable security measures.
- Information will be provided to members fulfilling services required and consented to by the individual and only for the reason consented.
- Access to Information
- Individuals may request access to their personal information. Copies must be provided within 90 days and may be done through e-mail or postal service at the expense of the individual requesting. Identification may be requested to confirm the individual is whom they claim to be.
- CECES will note any disagreement with the information on file.
- Refusal of access may be deemed necessary if the information:
- Is protected by solicitor-client privilege.
- Would reveal confidential commercial information which is incapable of being severed from the personal information.
- Would reasonably be expected to harm an individual’s life or security, which is unable to be severed from the remaining information (A guide for businesses and organizations – privacy toolkit, 2015).
- Was collected without the individual’s knowledge or consent to ensure its availability and accuracy, and the collection was required to investigate a breach of an agreement or contravention of provincial law. If this reason is the purpose for a denial, the Privacy Commissioner of Canada will be notified by the CECES privacy authority (A guide for business and organizations – privacy toolkit, 2015).
- Was generated in the course of a formal dispute resolution process; or
- Was created for the purpose of making a disclosure under the Public Servants Disclosure Protection Act
- Complaints can be filed through verbally informing a member of the board. The IT & Support Manager will provide an email for handling complaints that are accessible to the general public.
- The complainant will be informed of their avenues of recourse.
- All complaints will be investigated
- Measures will be taken at the discretion of the Privacy Authority.
A guide for businesses and corporations – privacy toolkit. (2015). Quebec City.
If you have any questions or comments regarding the information in the local service standard, please
contact your supervisor or firstname.lastname@example.org.
• To establish terms of conditions and use for the website and its content.
To all users of the website.
LOCAL SERVICE STANDARD
- Welcome Message
- Terms of Reference
- Herein, Continuing Education Centre for Emergency Services shall be referred to as ‘CECES’
- ‘CECES,’ ‘us,’ ‘we,’ refer to the owner of the website whose registered office is in Edmonton, Alberta, Canada.
- ‘You’ refers to the user or viewer of our website
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we, nor any third party, provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness, or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. All materials is educational and not intended for the replacement of any Medical Protocol and company standards of care or medical direction. It shall be your own responsibility to ensure that any products, services, or information made available through this website, meet your specific requirements.
- The website contains material which is owned by, or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance, graphics, educational material, and general aesthetic. Reproduction is prohibited unless
otherwise stipulated in accordance to the copyright notice, which forms part of these terms and conditions.
- Creative content material may be subject to other terms and conditions not listed in section 3.5., as seen fit and deemed appropriate. It shall be identified as such.
- All trademarks reproduced in or on this website, which are not the property of, or licensed to, the operator, are acknowledged on the website.
- Unauthorized use of this website may give rise to a claim for damages and/or be a criminal offence.
- From time to time, this website may also link to other websites. These links are provided for your convenience, to provide further information. They do not signify that we endorse the website(s). We hold no responsibility for the content of the
- Your use of this website, and any dispute arising from use of the website, is subject to the laws of Canada, USA, and any other country accessing the CECES website.
- These terms and conditions may be periodically changed without notice.